<?php
/*
 * Created on Feb 4, 2005
 *
 * common functions
 */
require_once ('/home/hungr3/etc/db.php');

function report_error ($page, $sql, $desc, $user)
{
	db_connect ();
	
	$date = date ("Y-m-d");
	$time = date ("H:i:s");
	
	$sql = addslashes ($sql);
	
	if ($user == 0)
	{
		$id = 0;
	}
	else
	{
		$query = sprintf("SELECT id FROM users WHERE name='%s'", addslashes($user));
		$result = mysql_query ($query);
		$id = mysql_result ($result, 0);
	}
	
	$query = "INSERT INTO error SET page='$page',
									mysql_error='$sql',
									description='$desc',
									userID='$id',
									date='$date',
									time='$time'";
	$result = mysql_query ($query)
		or die (mysql_error ());
	
	echo "<p>Failure: You have found a bug.  <br />" .
			"Sorry, for the inconvenience.  It has been logged.<br />" .
			"We will try our best to fix it.</p>";
	echo "<p><a href='index.htm'>Return to the homepage</a></p>";
	do_footer ();
	exit;
}
 
function register ($user, $pass)
{
	// connect to the db
	db_connect ();
	
	$query = sprintf("SELECT id FROM users WHERE name='%s'", addslashes($user));
	$result = mysql_query($query);
 	
	if (!$result)
	{
		echo "username lookup failed";
		return false;
	}
	if (mysql_num_rows($result) > 0)
	{
		echo "name is already taken.  <a href='createuser.php'>try again</a>";
		return false;
	}
 	
	// encrypt password
	$pass = crypt ($pass, 'bobcat');

	$query = sprintf("INSERT INTO users SET name='%s', pass='%s', date=CURDATE()", addslashes($user), addslashes($pass));
	mysql_query ($query)
		or die ("insertion failure");
		
	return true;
}

function login ($name, $pass)
{
	// connect to db
	$conn = db_connect();
	if (!$conn)
	{
		return false;
	}

	// encrypt password
	$pass = crypt ($pass, 'bobcat');

	// check if username is unique
	$query = sprintf ("SELECT id FROM users WHERE name='%s' AND pass = '%s'", addslashes($name), addslashes($pass));
	$result = mysql_query($query);
	if (!$result)
	{
		return false;
	}
  
	if (mysql_num_rows($result)>0)
	{
		//update the time of last login
		$query = sprintf("UPDATE users SET lastLogin=CURDATE() WHERE name='%s'", addslashes($name));
		mysql_query ($query);
		return true;
	}
	else
	{
		return false;
	}
}

function valid_user()
// see if somebody is logged in and notify them if not
{
	global $_SESSION;
	if (isset($_SESSION['valid_user']))
	{
		return true;
	}
	else
	{
		// they are not logged in 
		do_header('Not Logged In', '');
		echo "<p>You are not logged in.</p>
			<p>Make sure cookies are enabled</p>";
		do_url('/', 'Login');
		do_footer();
		exit;
	}  
}

function fb_user ()
{
	global $_SESSION;
	return isset($_SESSION['fb_user']);
}

function is_admin ()
{
	if (valid_user ())
	{
		$user = $_SESSION['valid_user'];
		
		db_connect ();
		
		$query = sprintf("SELECT admin FROM users WHERE name='%s'", addslashes($user));
		$result = mysql_query ($query)
			or die ('cannot verify if admin'.mysql_error());
		
		return (mysql_result ($result, 0) == 1);
	}
	else
		return false;
}

function remove_spaces ($str)
{
		return str_replace(" ", "", $str);
}
 		
 
 // h                          l
 // h         t                l
 // h      ttttttt   mmm mmm   l
 // hhhh      t     m   m   m  l
 // h   h     t     m   m   m  l
 // h   h     t     m   m   m  l
 
function do_header ($title, $inserts)
{
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Language" content="en-us" />
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<link href="/css/bobcat.css" rel="stylesheet" type="text/css" />
<?php echo $inserts; ?>
<title>bobcat. - <?php echo "$title"; ?></title>
</head>
<body>
<?php
}

function do_footer ()
{
?>
<p id="footer">bobcat. &copy; 2006</p>
</body>
</html>
<?php
}

function do_url($url, $name)
{
  // output URL as link and br
  echo '<br /><a href="'.$url.'">'.$name.'</a><br />';
}

function do_menu ()
{
	echo "<table><tr><td id='menu'><a href='/'>bobcat.</a> - ".
		"<a href='/list.php'>View List</a> - ";
	if ($_SESSION['fb_user'] <> true)
		echo "<a href='/changepassword.php'>Change Password</a> - ";
	echo "<a href='/feedback.php'>Leave Feedback</a> - ".
		"<a href='/stats.php'>Server Stats</a> - ".
		"<a href='/logout.php'>Logout</a>".
		"</td></tr></table>";
}
?>